*privacy not included

Teddy bears that connect to the internet.
Smart speakers that listen to commands.
Great gifts, unless they spy on you.

Mozilla created a guide to help us buy safe.

We realize people want to just know which products are safe and which aren’t. We are Mozilla—not a consumer product review company—so we won’t say “Buy this, don’t buy that.” Instead, we used our technical expertise to create a set of minimum security standards we think all products should meet in order to be sold in stores. Those standards include using encryption, automatic security updates, requiring strong passwords, having a system to manage vulnerabilities, and having an accessible privacy policy. Look for the “Meets Our Minimum Security Standards” badge on products in the guide.
There is a Creep-O-Meter.

We wanted users of this guide to be able to share their opinion too. It’s important companies, and other consumers, see which products people think are safe, and which products people feel are a bit creepy. So we created our Creep-O-Meter—a users rating on each product—to let folks give their opinion too. Try it out, it’s fun.
Bigger and better.

We added a few things this year. Our product list has grown to 70 connected products across six categories. Last year we answered the questions “Can it spy on me?” and “What does it know about me?”. This year we added “Can I control it?” and “Does the company show it cares about consumers?” to that list. Hopefully the information provided in each product review will help people shop smart for connected products.

You’ll notice a lot of research went into this guide. Fortunately, we have access to some of the best minds around in the privacy and security space. Janice Y. Tsai, a privacy researcher here at Mozilla, and Rebecca Ricks, a former Mozilla Fellow, came together to comb through privacy policies and apps, and reach out to companies with questions about encryption and bug bounty programs. We were also lucky to collaborate with the smart researchers working on the Usable Privacy Policy project at Carnegie Mellon University. The reading levels of privacy policies come from their Explore Usable Privacy website. Check it out, it’s a great resource to quickly scan the content of privacy policies.

Links

Reticular Blog: Collision Resistance

Welcome to the place where Reticular virtually lives.
Collision Resistance is a property of cryptographic hash functions.
A hash function is collision resistant if it is hard to find two inputs that hash to the same output.
Collision Resistance is the Reticular blog.